mirror of https://github.com/nucypher/nucypher.git
118 lines
3.5 KiB
YAML
118 lines
3.5 KiB
YAML
- name: "Start Ursulas"
|
|
hosts: "{{ 'tag_Role_' + lookup('env', 'NUCYPHER_NETWORK_NAME') + '_ursulas' }}"
|
|
user: ubuntu
|
|
gather_facts: false
|
|
|
|
pre_tasks:
|
|
- name: "Install Python2.7 for Ansible Control"
|
|
raw: sudo apt -y update && sudo apt install -y python2.7-minimal python2.7-setuptools
|
|
- include_vars: "{{ lookup('env', 'ANSIBLE_VARIABLES') }}"
|
|
|
|
tasks:
|
|
- name: "Install System Dependencies"
|
|
become: yes
|
|
become_flags: "-H -S"
|
|
apt:
|
|
name: "{{ packages }}"
|
|
update_cache: yes
|
|
state: latest
|
|
vars:
|
|
packages:
|
|
- libffi-dev
|
|
- python3
|
|
- python3-pip
|
|
- python3-dev
|
|
- python3-setuptools
|
|
- python3-virtualenv
|
|
- virtualenv
|
|
|
|
- git:
|
|
repo: "{{ git_repo }}"
|
|
dest: ./code
|
|
version: "{{ git_version }}"
|
|
|
|
- pip:
|
|
chdir: ./code
|
|
name: '.'
|
|
editable: true
|
|
virtualenv: '/home/ubuntu/venv'
|
|
virtualenv_python: python3.6
|
|
virtualenv_site_packages: true
|
|
environment:
|
|
LC_ALL: en_US.UTF-8
|
|
LANG: en_US.UTF-8
|
|
|
|
- name: "Check if 'ursula.config' Exists"
|
|
stat:
|
|
path: "~/.local/share/nucypher/ursula.config"
|
|
register: stat_result
|
|
|
|
- name: "Generate Ursula Password"
|
|
shell: head -c 32 /dev/urandom | sha256sum | awk '{print $1}'
|
|
register: ursula_password
|
|
when: stat_result.stat.exists == False
|
|
|
|
- name: "Configure Ursula"
|
|
shell: "/home/ubuntu/venv/bin/nucypher ursula init --federated-only --rest-host {{ inventory_hostname }} --network {{ lookup('env', 'NUCYPHER_NETWORK_NAME') }}"
|
|
args:
|
|
chdir: ./code
|
|
environment:
|
|
NUCYPHER_KEYSTORE_PASSWORD: "{{ ursula_password.stdout }}"
|
|
LC_ALL: en_US.UTF-8
|
|
LANG: en_US.UTF-8
|
|
ignore_errors: yes
|
|
register: configure_ursula_output
|
|
when: stat_result.stat.exists == False
|
|
|
|
- name: "Get Ursula Seed Node Config (and more)"
|
|
slurp:
|
|
src: "~/.local/share/nucypher/ursula.config"
|
|
register: ursula_seed_node_config
|
|
run_once: true
|
|
|
|
- name: "Set Ursula Seed Node Fact"
|
|
set_fact:
|
|
seed_node_metadata: "{{ ursula_seed_node_config['content'] | b64decode }}"
|
|
|
|
- name: "Open Ursula node port"
|
|
become: yes
|
|
become_flags: "-H -S"
|
|
shell: 'iptables -A INPUT -p tcp -m conntrack --dport {{ seed_node_metadata.rest_port }} --ctstate NEW,ESTABLISHED -j ACCEPT'
|
|
|
|
- name: "Render Lonely Node Service"
|
|
become: yes
|
|
become_flags: "-H -S"
|
|
template:
|
|
src: ../../services/firstula_node.j2
|
|
dest: /etc/systemd/system/ursula_node.service
|
|
mode: 0755
|
|
vars:
|
|
virtualenv_path: '/home/ubuntu/venv'
|
|
nucypher_network_domain: "{{ lookup('env', 'NUCYPHER_NETWORK_NAME') }}"
|
|
run_once: true
|
|
when: stat_result.stat.exists == False
|
|
|
|
- name: "Render Subsequent Ursula Node Services"
|
|
become: yes
|
|
become_flags: "-H -S"
|
|
template:
|
|
src: ../../services/ursula_node.j2
|
|
dest: /etc/systemd/system/ursula_node.service
|
|
mode: 0755
|
|
vars:
|
|
virtualenv_path: '/home/ubuntu/venv'
|
|
nucypher_network_domain: "{{ lookup('env', 'NUCYPHER_NETWORK_NAME') }}"
|
|
when:
|
|
- stat_result.stat.exists == False
|
|
- inventory_hostname != seed_node_metadata.rest_host
|
|
|
|
- name: "Enable and Start Ursula Service"
|
|
become: yes
|
|
become_flags: "-H -S"
|
|
systemd:
|
|
daemon_reload: yes
|
|
no_block: yes
|
|
enabled: yes
|
|
state: restarted
|
|
name: "ursula_node"
|